HSTS is not working.

Question

Hi there,&nbsp;We have one irule is configured on VIP which is redirecting to maintenance page if user access the wrong url on that page HSTS is not working but if we access the right url then HSTS is working. We have enabled HSTS in http profile and that is attached to the same VIP with irule. Is there any way to enable HSTS on maintenance page or any remediation to fix that issue.&nbsp;&nbsp;if { $DEBUG } { log local0. "TEST - Source IP address: [IP::client_addr]" }&nbsp; &nbsp;switch -glob $uri_ext {&nbsp; &nbsp; &nbsp; "/httpfoo*" &nbsp;{set uri_int [string map {"/httpfoo" "/adapter_plain"} $uri_ext]}&nbsp; &nbsp; &nbsp; "/httptest*" {set uri_int [string map {"/httptest" "/adapter_plain"} $uri_ext]}&nbsp; &nbsp;&nbsp; &nbsp; &nbsp; default &nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;HTTP::respond 200 content [ifile get ifile_service_unavailable_html]&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;set OK 0&nbsp; &nbsp; &nbsp; }&nbsp; &nbsp;}&nbsp;Many thanks in advance.

juergen_mang · Answer

HTTP::respond 200 content [ifile get ifile_service_unavailable_html] " "Strict-Transport-Security" "max-age=16070400"
You must set the HSTS header in your HTTP response manually.
&nbsp;
&nbsp;

Forum Discussion

HSTS is not working.

Recent Discussions

CLI command to fetch details related to backend server IP

TCP Out-of-order, TCP Dup ACK, and TCP Retransmission packets are displayed.

HTTPS Monitor Health - Receive String 200 OK Not Working

Datagroup with address and value

HSTS is not working.

Related Content

BIG-IP Next Automation: Working with the AS3 API endpoints

to HSTS or not to HSTS

Working with MasterKeys

F5 iRUule not working

TMOS HSTS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS